CVE-2024-52570

Name of the Vulnerable Software and Affected Versions Tecnomatix Plant Simulation versions prior to V2302.0018 Tecnomatix Plant Simulation versions prior to V2404.0007 Teamcenter Visualization versions prior to V14.2.0.14 Teamcenter Visualization versions prior to V14.3.0.12 Teamcenter Visualization versions prior to V2312.0008 Teamcenter Visualization versions prior to V2406.0005

Description The issue is related to an out of bounds write vulnerability when parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. The vulnerability is exploited through the use of WRL files, which are used by the affected applications.

Recommendations For Tecnomatix Plant Simulation versions prior to V2302.0018, update to version V2302.0018 or later. For Tecnomatix Plant Simulation versions prior to V2404.0007, update to version V2404.0007 or later. For Teamcenter Visualization versions prior to V14.2.0.14, update to version V14.2.0.14 or later. For Teamcenter Visualization versions prior to V14.3.0.12, update to version V14.3.0.12 or later. For Teamcenter Visualization versions prior to V2312.0008, update to version V2312.0008 or later. For Teamcenter Visualization versions prior to V2406.0005, update to version V2406.0005 or later. As a temporary workaround, consider avoiding the use of specially crafted WRL files until a patch is available.